Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2012-6151

Published: 13 December 2013

Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

Notes

AuthorNote
mdeslaur 
upstream patch breaks ABI

Priority

Low

Status

Package Release Status
net-snmp
Launchpad, Ubuntu, Debian 		lucid
Released (5.4.2.1~dfsg0ubuntu1-0ubuntu2.3)
precise
Released (5.4.3~dfsg-2.4ubuntu1.2)
quantal
Released (5.4.3~dfsg-2.5ubuntu1.1)
raring Ignored
(reached end-of-life)
saucy
Released (5.7.2~dfsg-8ubuntu1.1)
upstream Needed

Patches:
upstream: http://sourceforge.net/p/net-snmp/code/ci/f9304c83f76202db0e684269ca1af32e43cd9db4 (needed)
upstream: http://sourceforge.net/p/net-snmp/code/ci/793d596838ff7cb48a73b675d62897c56c9e62df/

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading